Static program analysis is a technique for finding security vulnerabilities in processor executable instructions of an application without executing the processor executable instructions. Examples of security vulnerabilities include susceptibility to cross-site scripting and susceptibility to code injection.